1. Field of the Invention
The present invention relates to a method for encrypting and decrypting data for multi-level access control in an ad-hoc network. More particularly, the present invention relates to a method for encrypting and decrypting data for multi-level access control in an ad-hoc network having a hierarchy of security classes using embedded error correcting code.
2. Description of the Related Art
Access control in an ad-hoc network is performed under an assumption that information or data transmitted or stored on the ad-hoc network should be encrypted. This assumption is required because an ad-hoc network does not have an infrastructure. If such a network had an infrastructure, the ad-hoc network would be able to employ a common access control technology based on a daemon, which determines whether an arbitrary user is allowed access to protected information. However, in order to control access in an ad-hoc network without an infrastructure, all information and data should be encrypted.
To implement access control, information is encrypted, and a method for accessing the encrypted information is provided to entities having authorization to access and use the information. Generally, the access control is implemented by distributing keys to the entities and obtaining keys of dependent entities.
One conventional technology for multi-level access control is based on a discrete logarithm problem. According to this conventional technique, keys of all entities belonging to a hierarchy are dependent on each other. A size of a key increases dramatically as the number of entities increases. The advantage of this technique is that users do not need to store information on the hierarchy. Despite this advantage, this technique has a problem in that a new security class (SC) cannot be added to the hierarchy. In addition, in a lower level in the hierarchy, the size of a key becomes very large, and anonymity is not supported, since the user should publish his/her ID together with encrypted information.
Another conventional technology for multi-level access control uses Chinese Remainder Theorem (CRT). This conventional technique is based on encryption using a public key. A key used in encryption is encrypted using a public key of higher entities. The encrypted key is stored or transmitted together with encrypted information. With CRT, the hierarchical structure can be hidden. This technique needs to maintain a public key infrastructure (PKI), but the PKI is nontrivial in an ad-hoc network. In addition, the CRT calculation is for anonymity, but needs an entity referred to as a group controller, which maintains all levels. Consequently, all levels become dependent on a single entity, which complicates application to a secure ad-hoc network.